Method and apparatus for accessing remote storage in a distributed storage cluster architecture
Abstract
A network storage system includes a virtual file system (“VFS”) that manages the files of the network storage system, and a storage center that stores the files. The VFS and the storage center are separated, such that a client accesses the VFS to conduct file system operations and the client accesses the storage center to upload/download files. The client accesses the network storage system through one or more storage ports. The storage center includes a plurality of distributed object storage managers (DOSMS) and a storage cluster that includes a plurality of intelligent storage nodes. The network storage system includes additional storage centers at geographically disparate locations. The network storage system uses a multi-cast protocol to maintain file information at the DOSMs regarding files stored in the intelligent storage nodes, including files stored in disparate storage centers.
Claims
exact text as granted — not AI-modified1. A method comprising:
determining by a selected one of a plurality of control nodes, whether a client request to access an object is authentic, the determining being based upon whether a first certificate matches a second certificate, the first certificate being obtained from the client request, the second certificate being calculated based upon an encoded request from the client request;
if the selected one of the plurality of control nodes determines that the client request is authentic, determining, by the selected one of the plurality of control nodes, one of a plurality of storage nodes in which the object is located; and
retrieving the object from the one of the plurality of storage nodes.
2. The method of claim 1 , wherein:
the second certificate is based upon a first calculation and a second calculation, the first calculation comprising hashing an object fingerprint and a key to yield a first result, the second calculation yielding the second certificate and comprising hashing the first result and the key.
3. The method of claim 2 , further comprising:
generating, based upon the client request, the first certificate and the object fingerprint.
4. The method of claim 1 , wherein:
the selected one of the plurality of control nodes is selected by a level four switch.
5. The method of claim 4 , wherein:
the level four switch selects the selected one of the plurality of control nodes based on availability of the selected one of the plurality of control nodes to retrieve the object.
6. The method of claim 2 , wherein:
the object fingerprint identifies the object.
7. The method of claim 1 , wherein:
the determining of the one of the plurality of storage nodes is based upon examination by the selected one of the plurality of control nodes of a file table at the one of the plurality of control nodes.
8. The method of claim 7 , further comprising:
broadcasting by the selected one of the control nodes a broadcast request for the object to the plurality of storage nodes.
9. An apparatus comprising:
a selected one of a plurality of control nodes to determine whether a client request to access an object is authentic, based upon whether a first certificate matches a second certificate, the first certificate being obtained from the client request, the second certificate being calculated based upon an encoded request from the client request; and
the selected one of the plurality of control nodes being capable of, if the selected one of the plurality of control nodes determines that the client request is authentic, determining one of a plurality of storage nodes in which the object is located, and retrieving the object from the one of the plurality of storage nodes.
10. The apparatus of claim 9 , wherein:
the second certificate is based upon a first calculation and a second calculation, the first calculation comprising hashing an object fingerprint and a key to yield a first result, the second calculation yielding the second certificate and comprising hashing the first result and the key.
11. The apparatus of claim 10 , wherein:
the selected one of the plurality of control nodes is capable of generating, based upon the client request, the first certificate and the object fingerprint.
12. The apparatus of claim 10 , wherein:
the object fingerprint identifies the object.
13. The apparatus of claim 9 , further comprising:
a level four switch to select the selected one of the plurality of control nodes.
14. The apparatus of claim 13 , wherein:
the level four switch is capable of selecting the selected one of the plurality of control nodes based on availability of the selected one of the plurality of control nodes to retrieve the object.
15. The apparatus of claim 9 , wherein:
the selected one of the plurality of control nodes is capable of determining the one of the plurality of storage nodes based upon examination by the selected one of the plurality of control nodes of a file table at the one of the plurality of control nodes.
16. The apparatus of claim 15 , wherein:
the selected one of the control nodes is capable of broadcasting a broadcast request for the object to the plurality of storage nodes.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.